Virtualize even the most resource-intensive applications with the hypervisor architectures that set the industry standard for reliability, performance and cross-platform support.

VMware ESX and VMware ESXi are “bare-metal” hypervisor architectures, meaning they install directly on top of the physical server and partition it into multiple virtual machines that can run simultaneously, sharing the physical resources of the underlying server. Each virtual machine represents a complete system, with processors, memory, networking, storage and BIOS, and can run an unmodified operating system and applications.

vSphere 4.1 and its subsequent update and patch releases are the last releases to include both ESX and ESXi hypervisor architectures. Future major releases of VMware vSphere will include only the VMware ESXi architecture. For this reason, VMware recommends that deployments of vSphere 4.x utilize the ESXi hypervisor architecture.

The functionality and performance of VMware ESXi and ESX hypervisors are the same; the difference between the two hypervisors resides in their architecture and operational management. VMware ESXi is the latest hypervisor architecture from VMware and as of the vSphere 4.1 release, VMware’s recommended best practice when deploying VMware vSphere. It has an ultra thin footprint with no reliance on a general-purpose OS, setting a new bar for security and reliability. The small footprint and hardware-like reliability of VMware ESXi hypervisor architecture enable it to also be available preinstalled on industry standard x86 servers.Homepage

Drawing on his extensive experience consulting on enterprise VMware implementations, renowned expert Edward L. Haletky offers a “soup-to-nuts” collection of field-tested best practices and solutions. He illuminates the real benefits, issues, tradeoffs, and pitfalls associated with VMware’s newest platforms, using real-world examples that draw upon both VMware and third-party products.

This edition features detailed coverage of new vSphere features such as Storage IO Control, Network IO Control, Load-Based Teaming, Distributed Virtual Switches, ESXi, hardware and processors, and a significantly expanded discussion of auditing and monitoring. Haletky offers new or enhanced coverage of VM Hardware, virtual networking, VMsafe, and more.

All new coverage is thoroughly integrated into Haletky’s insightful discussion of the entire lifecycle: planning, installation, templates, monitoring, tuning, clustering, security, disaster recovery, and more. Haletky consistently presents the most efficient procedures, whether they use graphical tools or the command line.

VMware ESX and ESXi in the Enterprise has long been the definitive single-source guide to VMware planning, deployment, and management. For today’s VMware architects, administrators, and managers, this edition will be even more valuable.

Migrate from ESX to ESXi

VMware vSphere 5 is available only with ESXi, VMware’s most advanced bare metal hypervisor architecture. ESXi is the only hypervisor purpose built for virtualization that does not depend on a general purpose operating system. Thanks to its unique design, ESXi delivers unmatched reliability, security and performance while drastically simplifying hypervisor management. VMware will continue to provide technical support for VMware ESX according to the VMware vSphere support policy.

Existing vSphere customers who run ESX are encouraged to look into migrating to the ESXi architecture when upgrading to vSphere 5. Here are the basic steps to help you plan your migration:

Start Testing ESXi. ESX and ESXi architectures share the same underlying code-base and thus behave nearly identical to one another, simplifying the transition from ESX to ESXi. All the functionality of vSphere is supported on both ESX and ESXi architectures when licensed properly. In fact, VMware vSphere supports clusters that contain both hypervisors. However, there are a few operational differences between ESX and ESXi. We recommend that you start familiarizing yourself with ESXi and leverage the content in this resource center to learn about the differences between the ESX and ESXi architectures.

Familiarize Yourself with Remote Command Lines: The local COS command line in ESX has been replaced with remote command lines in ESXi, namely, vCLI and PowerCLI. These tools can be used to manage both ESX and ESXi so you can start using them even before you fully migrate to ESXi.

Ensure Your Backup and Systems Management Products Integrate with ESXi. ESXi leverages an API-based partner integration model to reduce the management overhead associated with installing and managing agents in the console OS. VMware has worked closely with our partners to transition all partner products to the API-based integration model. As a result, the majority of systems management, back up and hardware monitoring vendors in the VMware ecosystem support ESXi today. If you are using an agent-based partner solution to integrate with ESX, please check with your vendor to see if a newer version of the product supports ESXi.

Plan an ESXi Migration as Part of Your vSphere Upgrade. The easiest time to migrate to ESXi is when upgrading to the latest version of VMware vSphere. During the Migration process, prior versions of VMware ESX can be replaced with the latest version of VMware ESXi.

Take a free training course on ESXi Essentials. VMware Education Services team has just made available a new, FREE elearning course dedicated to ESXi, “Transition to ESXi Essentials”. The course is a self-paced three-hour online training that provides the knowledge necessary to make fundamental design decisions to successfully add VMware ESXi to a vSphere environment and to take advantage of all of the new features included in ESXi 4.1. The training is ideal for system administrators, consultants and engineers responsible for managing and supporting a vSphere environment.

Benefits of VMware ESXi Hypervisor Architecture

The hypervisor architecture of VMware vSphere plays a critical role in the management of the virtual infrastructure. The introduction of the bare-metal ESX architecture in 2001 significantly enhanced performance and reliability, which in turn allowed customers to extend the benefits of virtualization to their mission-critical applications. Once again, the introduction of the ESXi architecture represents a similar leap forward in reliability and virtualization management. Less than 5% of the size of ESX, VMware ESXi runs independently of an operating system and improves hypervisor management in the areas of security, deployment and configuration, and ongoing administration.

Improve Reliability and Security. The older architecture of VMware ESX relies on a Linux-based console operating system (OS) for serviceability and agent-based partner integration. In the new, operating-system independent ESXi architecture, the approximately 2 GB console OS has been removed and the necessary management functionality has been implemented directly in the core kernel. Eliminating the console OS drastically reduces the codebase size of ESXi to approximately 100 MB improving security and reliability by removing the security vulnerabilities associated with a general purpose operating system.

Streamline Deployment and Configuration. ESXi has far fewer configuration items than ESX, greatly simplifying deployment and configuration and making it easier to maintain consistency.

Reduce Management Overhead. The API-based partner integration model of ESXi eliminates the need to install and manage third party management agents. You can automate routine tasks by leveraging remote command line scripting environments such as vCLI or PowerCLI.

Simplify Hypervisor Patching and Updating. Due to its smaller size and fewer components, ESXi requires far fewer patches than ESX, shortening service windows and reducing security vulnerabilities. Over its lifetime, ESXi 3.5 required approximately 10 times fewer patches than ESX 3.5.

What’s New in ESXi 5.0

In the vSphere 5.0 release VMware has added several significant enhancements to ESXi.

NEW Image Builder. A new set of command line utilities allows administrators to create custom ESXi images that include 3rd party components required for specialized hardware, such as drivers and CIM providers. Image Builder can be used to create images suitable for different types of deployment, such as ISO-based installation, PXE-based installation, and Auto Deploy. It is designed as a Power Shell snap-in component and is bundled with PowerCLI.

NEWESXi Firewall. The ESXi 5.0 management interface is protected by a service-oriented and stateless firewall, which you can configure using the vSphere Client or at the command line with esxcli interfaces. A new firewall engine eliminates the use of iptables and rule sets define port rules for each service. For remote hosts, you can specify the IP addresses or range of IP addresses that are allowed to access each service.

NEW Enhanced SNMP support. ESXi 5.0 expands support for SNMP v.2 with full monitoring for all hardware on the host.

NEW Secure Syslog. ESXi 5.0 adds several enhancements to system message logging. All log messages are now generated by syslog, and messages can now be logged on either local and/or one or more remote log servers. Log messages can be remotely logged using either the Secure Sockets Layer (SSL) or TCP connections. With vSphere 5.0, log messages from different sources can be configured to go into different logs for more convenience. Configuration of message logging can also be accomplished using ESXCLI in addition to the vSphere client.

NEWCentral management of host image and configuration via Auto Deploy. Combining the features of host profiles, Image Builder, and PXE, VMware vSphere Auto Deploy simplifies the task of managing ESXi installation and upgrade for hundreds of machines. ESXi host images are centrally stored in the Autodeploy library. New hosts are automatically provisioned based on rules defined by the user. Rebuilding a server to a clean slate is as simple as a reboot. To move between ESXi versions, you update a rule using the Auto Deploy PowerCLI and perform a test compliance and repair operation.

NEWEnhanced Unified CLI Framework. An expanded and enhanced esxcli framework offers a rich set of consistent and extensible commands, including new commands to facilitate on-host troubleshooting and maintenance. The framework allows consistency of authentication, roles, and auditing, using the same methods as other management frameworks such as vCenter Server and PowerCLI. You can use the esxcli framework both remotely as part of vSphere CLI and locally on the ESXi Shell (formerly Tech Support Mode).

Newvirtual hardware. ESXi 5.0 introduces a new generation of virtual hardware with virtual machine hardware version 8, which includes the following new features:

32-way virtual SMP. ESXi 5.0 supports virtual machines with up to 32 virtual CPUs, which lets you run larger CPU-intensive workloads on the VMware ESXi platform.

1TB virtual machine RAM. You can assign up to 1TB of RAM to ESXi 5.0 virtual machines.

USB 3.0 device support. ESXi 5.0 features support for USB 3.0 devices in virtual machines with Linux guest operating systems. USB 3.0 devices attached to the client computer running the vSphere Web Client or the vSphere Client can be connected to a virtual machine and accessed within it. USB 3.0 devices connected to the ESXi host are not supported at this time.

UEFI virtual BIOS. Virtual machines running on ESXi 5.0 can boot from and use the Unified Extended Firmware Interface (UEFI).

Other significant capabilities available with ESXi since the 4.1 release:

AD Integration. Ability to configure the host to join an Active Directory domain, and any user trying to access the host will automatically be authenticated against the centralized user directory. You can also have local users defined and managed on a host-by-host basis and configured using the vSphere Client, vCLI, or PowerCLI. This second method can be used either in place of, or in addition to, the Active Directory integration.

Scripted Installation. Ability to do a scripted installation of the ESXi software to the local disk of a server. Various deployment methods are supported, including booting the ESXi installer off a CD or over PXE, and accessing the configuration file over the network using a variety of protocols, such as secure HTTP. The configuration file can also specify the following scripts to be executed during the installation:

Pre-install

Post-install

First-boot

These scripts run locally on the ESXi host, and can perform various tasks such as configuring the host’s virtual networking and joining it to vCenter Server.

Boot from SAN support for ESXi. This support includes Fibre Channel SAN, as well as iSCSI and FCoE for certain storage adapters that have been qualified for this capability.

ESXi and ESX Architectures Compared

VMware ESX Architecture. In the original ESX architecture, the virtualization kernel (referred to as the vmkernel) is augmented with a management partition known as the console operating system (also known as COS or service console). The primary purpose of the Console OS is to provide a management interface into the host. Various VMware management agents are deployed in the Console OS, along with other infrastructure service agents (e.g. name service, time service, logging, etc). In this architecture, many customers deploy other agents from 3rd parties to provide particular functionality, such as hardware monitoring and system management. Furthermore, individual admin users log into the Console OS to run configuration and diagnostic commands and scripts.

VMware ESXi Architecture. In the ESXi architecture, the Console OS has been removed and all of the VMware agents run directly on the vmkernel. Infrastructure services are provided natively through modules included with the vmkernel. Other authorized 3rd party modules , such as hardware drivers and hardware monitoring components, can run in vmkernel as well. Only modules that have been digitally signed by VMware are allowed on the system, creating a tightly locked-down architecture. Preventing arbitrary code from running on the ESXi host greatly improves the security of the system.

Architectures Compared

VMware ESX [~ 2 GB]

VMware ESXi [< 150 MB]

VMware agents run in Console OS

Nearly all other management functionality provided by agents running in the Console OS

Users must log into Console OS in order to run commands for configuration and diagnostics

VMware agents ported to run directly on VMkernel

Authorized 3rd party modules can also run in Vmkernel. These provide specific functionality

Hardware monitoring

Hardware drivers

VMware components and third party components can be updated independently

The “dual-image” approach lets you revert to prior image if desired

Other capabilities necessary for integration into an enterprise datacenter are provided natively

No other arbitrary code is allowed on the system

Understand the Difference between ESX and ESXi

VMware ESXi is VMware’s most advanced hypervisor architecture. Learn about the differences with the previous generation architecture, VMware ESX: